Abstract: Searching encrypted data using encrypted contexts by performing at least the following: configuring a first encryption context that allows access to a first encrypted field, configuring a second encryption context that allows access to a second encrypted field, assigning the first encryption context to a first role and the second encryption context to a second role, assigning the first role to a first user account to allow the first user account to access the first encrypted field, assigning the second role to a second user account to allow the second user to access the second encrypted field, receiving a query request associated with the first user account for a search term, wherein the query request includes instructions to search for an unencrypted version of the search term and a first encrypted value of the search term that is based on the first encryption context.

Abstract: An example method includes determining, by a network controller, based on a high-level data model, vendor-agnostic device information for a first network device, translating the vendor-agnostic device information into vendor-specific device information, sending, to the first network device, first configuration information included in the vendor-specific device information to cause the first network device to switch into a maintenance mode and enable diversion of network traffic from the first network device to a second network device, responsive to verifying that the first network device has diverted the traffic, initiating maintenance procedures on the first network device while the first network device is in the maintenance mode, and sending, to the first network device, second configuration information included in the vendor-specific device information to cause the first network device to switch out of the maintenance mode and enable reversion of network traffic from the second device to the first network

Abstract: Cloud computing utilization measurements associated with a cloud computing instance are received. Metrics based on the cloud computing utilization measurements are calculated. Based on a user configurable resource evaluation criteria, whether a different cloud computing instance among eligible cloud computing resource unit options is a better match than a current cloud computing resource unit handling the cloud computing instance is evaluated. A selected one of the eligible cloud computing resource unit options is indicated as the better match than the current cloud computing resource unit handling the cloud computing instance.

Abstract: Improving a security configuration may include receiving a request to assign a single sign-on configuration for a user profile, present a user interface comprising input fields for configuration characteristics, receiving an indication from the user interface that an administrator is requesting the assign the configuration characteristics, in response to receiving the indication, performing a test connection using the configuration profile, and in response to determining that the test connection succeeded, prompting the administrator to activate the single sign-on communication for the user profile.

Abstract: Searching encrypted data using encrypted contexts by performing at least the following: configuring a first encryption context that allows access to a first encrypted field, configuring a second encryption context that allows access to a second encrypted field, assigning the first encryption context to a first role and the second encryption context to a second role, assigning the first role to a first user account to allow the first user account to access the first encrypted field, assigning the second role to a second user account to allow the second user to access the second encrypted field, receiving a query request associated with the first user account for a search term, wherein the query request includes instructions to search for an unencrypted version of the search term and a first encrypted value of the search term that is based on the first encryption context.

Abstract: Searching encrypted data using encrypted contexts by performing at least the following: configuring a first encryption context that allows access to a first encrypted field, configuring a second encryption context that allows access to a second encrypted field, assigning the first encryption context to a first role and the second encryption context to a second role, assigning the first role to a first user account to allow the first user account to access the first encrypted field, assigning the second role to a second user account to allow the second user to access the second encrypted field, receiving a query request associated with the first user account for a search term, wherein the query request includes instructions to search for an unencrypted version of the search term and a first encrypted value of the search term that is based on the first encryption context.

Abstract: An example method includes identifying, based on a received indication, at least a first network device that is to be placed in the maintenance mode, determining device information for the first network device, sending, to the first network device, first configuration information included in the device information to cause the first network device to switch into a maintenance mode and enable diversion of network traffic from the first network device to a second network device, responsive to verifying that the first network device has diverted the traffic, initiating maintenance procedures on the first network device while the first network device is in the maintenance mode, and sending, to the first network device, second configuration information included in the device information to cause the first network device to switch out of the maintenance mode and enable reversion of network traffic from the second device to the first network device.

Abstract: A remote network management platform may include a database containing records relating to units of reserved and on-demand computing resources provided by a third-party network and a processor disposed within a computational instance. The processor may be configured to obtain utilization reports regarding the managed network from the third-party network and calculate, for each hour-of-day across one or more days of usage, respective hourly average units of utilization, by the managed network, of the reserved and on-demand computing resources. The processor may also calculate output values respectively associated with different combinations of the reserved and on-demand computing resources that jointly satisfy the hourly average units of utilization and select an allocation of the reserved computing resources that is within a threshold of a minimum output value of the output values. The processor may further change the number of allocated units to be the selected allocation of reserved computing resources.

Abstract: A system, method, and non-transitory computer-readable storage medium for authenticating access to an instance have been disclosed. The system comprises a processor and a memory that includes instructions executable by the processor to cause the system to receive an access request to the instance from a client device and to send an encryption request of information to a security device. The information includes an expiration time and the security device encrypts the information using a private key that is secured in the security device. The memory includes further instructions executable by the processor to cause the system to receive the encrypted information from the security device and to send the encrypted information to the client device. The encrypted information is decryptable by the instance using a public key associated with the private key in response to the client device providing the encrypted information to the instance.

Abstract: An example method includes determining, by a network controller, based on a high-level data model, vendor-agnostic device information for a first network device, translating the vendor-agnostic device information into vendor-specific device information, sending, to the first network device, first configuration information included in the vendor-specific device information to cause the first network device to switch into a maintenance mode and enable diversion of network traffic from the first network device to a second network device, responsive to verifying that the first network device has diverted the traffic, initiating maintenance procedures on the first network device while the first network device is in the maintenance mode, and sending, to the first network device, second configuration information included in the vendor-specific device information to cause the first network device to switch out of the maintenance mode and enable reversion of network traffic from the second device to the first network

Abstract: Control plane analytics and policing may be provided. First, packets that traverse a port may be parsed. Next, based on the parsed packets, metrics for each of a plurality of hosts on a per-protocol basis may be created. The created metrics may then be analyzed and at least one restriction on at least one of the plurality of hosts may be applied based on the analysis.

Abstract: Improving a security configuration may include receiving a request to assign a single sign-on configuration for a user profile, present a user interface comprising input fields for configuration characteristics, receiving an indication from the user interface that an administrator is requesting the assign the configuration characteristics, in response to receiving the indication, performing a test connection using the configuration profile, and in response to determining that the test connection succeeded, prompting the administrator to activate the single sign-on communication for the user profile.

Abstract: Searching encrypted data using encrypted contexts by performing at least the following: configuring a first encryption context that allows access to a first encrypted field, configuring a second encryption context that allows access to a second encrypted field, assigning the first encryption context to a first role and the second encryption context to a second role, assigning the first role to a first user account to allow the first user account to access the first encrypted field, assigning the second role to a second user account to allow the second user to access the second encrypted field, receiving a query request associated with the first user account for a search term, wherein the query request includes instructions to search for an unencrypted version of the search term and a first encrypted value of the search term that is based on the first encryption context.

Abstract: Improving a security configuration may include receiving a request to assign a single sign-on configuration for a user profile, present a user interface comprising input fields for configuration characteristics, receiving an indication from the user interface that an administrator is requesting the assign the configuration characteristics, in response to receiving the indication, performing a test connection using the configuration profile, and in response to determining that the test connection succeeded, prompting the administrator to activate the single sign-on communication for the user profile.

Abstract: A remote network management platform may include a database containing records relating to units of reserved and on-demand computing resources provided by a third-party network and a processor disposed within a computational instance. The processor may be configured to obtain utilization reports regarding the managed network from the third-party network and calculate, for each hour-of-day across one or more days of usage, respective hourly average units of utilization, by the managed network, of the reserved and on-demand computing resources. The processor may also calculate output values respectively associated with different combinations of the reserved and on-demand computing resources that jointly satisfy the hourly average units of utilization and select an allocation of the reserved computing resources that is within a threshold of a minimum output value of the output values. The processor may further change the number of allocated units to be the selected allocation of reserved computing resources.

Abstract: Searching encrypted data using encrypted contexts by performing at least the following: configuring a first encryption context that allows access to a first encrypted field, configuring a second encryption context that allows access to a second encrypted field, assigning the first encryption context to a first role and the second encryption context to a second role, assigning the first role to a first user account to allow the first user account to access the first encrypted field, assigning the second role to a second user account to allow the second user to access the second encrypted field, receiving a query request associated with the first user account for a search term, wherein the query request includes instructions to search for an unencrypted version of the search term and a first encrypted value of the search term that is based on the first encryption context.

Abstract: Searching encrypted data using encrypted contexts by performing at least the following: configuring a first encryption context that allows access to a first encrypted field, configuring a second encryption context that allows access to a second encrypted field, assigning the first encryption context to a first role and the second encryption context to a second role, assigning the first role to a first user account to allow the first user account to access the first encrypted field, assigning the second role to a second user account to allow the second user to access the second encrypted field, receiving a query request associated with the first user account for a search term, wherein the query request includes instructions to search for an unencrypted version of the search term and a first encrypted value of the search term that is based on the first encryption context.

Abstract: Control plane analytics and policing may be provided. First, packets that traverse a port may be parsed. Next, based on the parsed packets, metrics for each of a plurality of hosts on a per-protocol basis may be created. The created metrics may then be analyzed and at least one restriction on at least one of the plurality of hosts may be applied based on the analysis.

Abstract: Improving a security configuration may include receiving a request to assign a single sign-on configuration for a user profile, present a user interface comprising input fields for configuration characteristics, receiving an indication from the user interface that an administrator is requesting the assign the configuration characteristics, in response to receiving the indication, performing a test connection using the configuration profile, and in response to determining that the test connection succeeded, prompting the administrator to activate the single sign-on communication for the user profile.

Abstract: A system, method, and non-transitory computer-readable storage medium for authenticating access to an instance have been disclosed. The system comprises a processor and a memory that includes instructions executable by the processor to cause the system to receive an access request to the instance from a client device and to send an encryption request of information to a security device. The information includes an expiration time and the security device encrypts the information using a private key that is secured in the security device. The memory includes further instructions executable by the processor to cause the system to receive the encrypted information from the security device and to send the encrypted information to the client device. The encrypted information is decryptable by the instance using a public key associated with the private key in response to the client device providing the encrypted information to the instance.